On 2020-09-03 14:17, Carl Eugen Hoyos wrote:
Am Do., 3. Sept. 2020 um 01:17 Uhr schrieb <[email protected]>:+static int probe(const AVProbeData *p) +{ + if (AV_RL32(p->buf) == MKTAG('M', 'A', 'D', 'P') && + AV_RL16(p->buf + 4) <= 0xff) + return AVPROBE_SCORE_MAX / 3 * 2; + return 0; +}+ if (version <= 4) {+ // version <= 4 needs to use the file size to calculate the offsets+ if (file_size < 0) { + return AVERROR(EIO); + } + if (file_size - data_size > UINT32_MAX) + return AVERROR_INVALIDDATA; + m->data_start = file_size - data_size; + if (version <= 3) { + nb_metadata = 0;+ // header_size is not available or incorrect in older versions+ header_size = m->data_start; + } + } else if (version == 5) { + // read data_start location from the header + if (0x30 * par->channels + 0x4 > header_size) + return AVERROR_INVALIDDATA; + data_offset = header_size - 0x30 * par->channels - 0x4; + if ((ret_size = avio_seek(s->pb, data_offset, SEEK_SET)) < 0) + return ret_size; + m->data_start = avio_rl32(s->pb); + // check if the metadata is reasonable+ if (file_size > 0 && (int64_t)m->data_start + data_size > file_size) {+ // the header is broken beyond repair + if ((int64_t)header_size + data_size > file_size) { + av_log(s, AV_LOG_ERROR,+ "MCA metadata corrupted, unable to determine the data offset.\n");+ return AVERROR_INVALIDDATA; + } + // recover the data_start information from the data size + av_log(s, AV_LOG_WARNING, + "Incorrect header size found in metadata, " + "header size approximated from the data size\n"); + if (file_size - data_offset > UINT32_MAX) + return AVERROR_INVALIDDATA; + m->data_start = file_size - data_size; + } + } else { + avpriv_request_sample(s, "version %d", version); + return AVERROR_PATCHWELCOME; + }It seems to me that you are much stricter checking the version when reading the header information than when probing the file but if there is a difference, the probing should be stricter. Please check in the probe function if version <= 5.
Will do. Should I also keep the else clause here?
+ } else { + avpriv_request_sample(s, "version %d", version); + return AVERROR_PATCHWELCOME; + }
Carl Eugen _______________________________________________ ffmpeg-devel mailing list [email protected] https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email [email protected] with subject "unsubscribe".
Thanks for your review again! Thanks, Zixing _______________________________________________ ffmpeg-devel mailing list [email protected] https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email [email protected] with subject "unsubscribe".
